scorecard/checks
raghavkaul 4063fb6d49
🌱 Code Review: treat merging a PR as code review (#2413)
* Merges on GitHub count as a code review by the maintainer

Signed-off-by: Raghav Kaul <raghavkaul@google.com>

* Update Raw Results

* More detailed information for Changesets
* If there's no Revision ID, use the Commit SHA instead

Signed-off-by: Raghav Kaul <raghavkaul@google.com>

* Check that pull request had at least one reviewer that wasn't its author

* Add field for Pull Request Merged-By to GitHub and GitLab
* Note, this check can be bypassed if an author opens a PR with other
  people's commits

Signed-off-by: Raghav Kaul <raghavkaul@google.com>

Signed-off-by: Raghav Kaul <raghavkaul@google.com>
2022-11-08 11:09:02 -08:00
..
evaluation 🌱 Code Review: treat merging a PR as code review (#2413) 2022-11-08 11:09:02 -08:00
fileparser Remove line continuations in all run steps. (#2335) 2022-10-06 15:08:12 -04:00
raw 🌱 Code Review: treat merging a PR as code review (#2413) 2022-11-08 11:09:02 -08:00
testdata Improved Security Policy Check (#2195) 2022-11-04 14:35:44 -07:00
all_checks_test.go Only run allowed checks in different modes (#1579) 2022-02-07 16:49:49 -08:00
all_checks.go Favor SLSA provenance over plain signature in Signed-Release (#2144) 2022-08-12 11:49:32 -07:00
binary_artifact_test.go Binary artifact exception for gradle-wrapper.jar when using validation action (#2039) 2022-07-18 18:42:32 +00:00
binary_artifact.go Binary artifact exception for gradle-wrapper.jar when using validation action (#2039) 2022-07-18 18:42:32 +00:00
branch_protection_test.go Add CODEOWNERS branch protection check (#2057) 2022-08-29 12:57:47 -05:00
branch_protection.go Add raw results to cron scans (#1741) 2022-03-18 19:05:14 -07:00
ci_tests.go 🌱 Split CI-Tests check into a raw and evaluation section (#2291) 2022-09-29 15:03:40 +00:00
cii_best_practices_test.go Raw results for best practices badge (#1795) 2022-04-25 17:04:21 +00:00
cii_best_practices.go 🐛 Ignore shell parsing errors when reporting results (#1878) 2022-05-02 10:11:50 -07:00
code_review_test.go 🌱 Code Review: treat merging a PR as code review (#2413) 2022-11-08 11:09:02 -08:00
code_review.go Add raw results to cron scans (#1741) 2022-03-18 19:05:14 -07:00
contributors_test.go Replace clients.Contributor with clients.User (#1957) 2022-05-31 13:19:14 -07:00
contributors.go Raw results for Contributors check (#1919) 2022-05-18 18:13:10 +00:00
dangerous_workflow.go Raw results for dangerous workflow (#1849) 2022-04-21 22:02:18 +00:00
dependency_update_tool_test.go Add Sonatype Lift as a dependency update tool, doc upgrade (#2328) 2022-10-19 15:33:05 +00:00
dependency_update_tool.go Add raw results to cron scans (#1741) 2022-03-18 19:05:14 -07:00
errors.go Add raw results for Token-Permissions (#1912) 2022-07-15 21:48:50 +00:00
fuzzing_test.go Add Language struct and optimize result parsing for GHClient.ListProgrammingLanguages (#1992) 2022-06-10 12:13:38 -07:00
fuzzing.go Raw results for Fuzzing check (#1917) 2022-05-20 00:55:49 +00:00
license_test.go Raw results for license (#1790) 2022-04-13 18:20:05 -07:00
license.go Raw results for license (#1790) 2022-04-13 18:20:05 -07:00
maintained_test.go 🌱 Upgrade to go 1.18 (#2143) 2022-08-16 20:55:48 -05:00
maintained.go Raw result for Maintained check (#1780) 2022-03-29 16:35:42 +00:00
packaging.go Raw results for Packaging check (#1913) 2022-06-01 16:41:20 +00:00
permissions_test.go Removed job-level permissions check for actions and packages (#2367) 2022-10-19 01:02:17 -07:00
permissions.go 🐛 Fix remediation text when Scorecard is run multiple times within a program (#2168) 2022-08-17 16:10:49 -05:00
pinned_dependencies.go 🐛 Fix remediation text when Scorecard is run multiple times within a program (#2168) 2022-08-17 16:10:49 -05:00
sast_test.go 🌱 Upgrade to go 1.18 (#2143) 2022-08-16 20:55:48 -05:00
sast.go Optimize SAST check (#2191) 2022-08-26 19:53:48 +00:00
security_policy_test.go Improved Security Policy Check (#2195) 2022-11-04 14:35:44 -07:00
security_policy.go Security-Policy should not run on --local (#1825) 2022-04-07 14:12:22 -05:00
signed_releases_test.go Favor SLSA provenance over plain signature in Signed-Release (#2144) 2022-08-12 11:49:32 -07:00
signed_releases.go Raw results for Signed-Release check (#1789) 2022-04-01 23:13:58 +00:00
vulnerabilities_test.go Separate check from policies for the Vulnerabilities check (#1532) 2022-01-26 15:45:39 -05:00
vulnerabilities.go Add raw results to cron scans (#1741) 2022-03-18 19:05:14 -07:00
webhook_test.go 🌱 Limit access to registered checks (#2134) 2022-08-10 20:11:18 +00:00
webhook.go 🌱 Limit access to registered checks (#2134) 2022-08-10 20:11:18 +00:00
write.md 📖 Minor typos and copy-editing to checks/write.md (#2071) 2022-07-26 19:13:47 +00:00